In various operating systems, to deliver arbitrary program data to other places, a clipboard or a space similar to the clipboard is provided and is regarded as one of operating system functions frequently used in utilization of a computer. Data delivery through a clipboard basically does not take security into account, and consequently, any program executed in an operating system can use data stored in the clipboard.
FIG. 1 is a diagram showing a situation in which data is stored in a clipboard provided by an operating system and data is extracted in response to a request for the data, and it can be seen from FIG. 1 that application programs being executed can freely store data in a clipboard 1 as a plaintext and extract data from the clipboard 1 for utilization of the data. For example, data stored by an application program #2 5 may be extracted to be pasted to a document 2 3 which is being edited by an application program #1 4; data stored in the document 2 3 which is being edited by the application program #1 4 may be extracted to be pasted to a document 1 2; and data stored in the document#1 2 may be extracted to be pasted to the document 1 2.
Since data in a clipboard is freely delivered between arbitrary programs capable of using a format of the data, a simple text, a rich text, a picture, and information having a particular format may be delivered between programs capable of using such information. Information delivery made between programs through a clipboard is undoubtedly an efficient method of properly using a multitasking function of an operating system, but as the security of important data is increasingly demanded, data transmitted between independent programs through the clipboard needs to be protected. For example, even if during management of a security document, a strict management function is introduced which disallows production of a copy of the document to prevent leakage of contents of the document or disallows delivery of the document to other storage places or transmission of the document to outside, the contents of the security document may be leaked by being transmitted as an unrestricted general document with the use of a clipboard or someone unauthorized may peep into contents stored in the clipboard. Therefore, it is necessary to enhance security by managing, data transmission performed through a clipboard. Although there are applications for managing plural temporarily-stored information by extending a clipboard (such as a scrapbook of Macintosh and clipboard extension applications (many pastes, a multi-clipboard, a clip tray, a tray text, etc.)), these applications merely provide a function of storing a plurality of, mainly, plain texts and selecting and using a desired one among the stored plain texts, and do not provide any function related to security. Moreover, with introduction of a digital rights management (DRM) system, when particular contents are provided, management for blocking a clipboard function is performed to prevent production of a copy of the contents, but such management is merely blocking of the clipboard function, significantly degrading the efficiency of a computer work performed through the clipboard.
In other words, since a clipboard, which is a basic function of an operating system, is frequently used in various computer works such as a document work, a picture work, a program work, a presentation work, and so forth, if the clipboard is blocked, the work efficiency is significantly degraded. Therefore, it is necessary to effectively control delivery of a security-demanding data through the clipboard in a state where the use of the clipboard is permitted.
To control use of a clipboard, a means for integrated management of use of the clipboard has been applied, but due to low trust or reliability thereof, the means is difficult to use for a security purpose for preventing leakage of information. That is, a conventional clipboard management means is configured to prevent security-demanding information from being delivered to an unreliable or untrusty place by controlling a flow of information, and in this configuration, every information flow for the clipboard has to be thoroughly monitored, and if such information control fails at a single position, information leakage occurs. Moreover, by nature of a terminal where various events occur, trust is low. Therefore, there is an urgent need for a clipboard security scheme which guarantees free use of a clipboard, trust in control of security contents, and explicit trust in preventing information leakage.